The attack-surface-framework project team welcomes contributions from the community. Before you start working with attack-surface-framework, please read our Developer Certificate of Origin. All contributions to this repository must be signed as described on that page. Your signature certifies that you wrote the patch or have the right to pass it on as an open-source patch.
This is a rough outline of what a contributor's workflow looks like:
- Create a topic branch from where you want to base your work
- Make commits of logical units
- Make sure your commit messages are in the proper format (see below)
- Push your changes to a topic branch in your fork of the repository
- Submit a pull request
Example:
git remote add upstream https://github.com/vmware/attack-surface-framework.git
git checkout -b my-new-feature main
git commit -a
git push origin my-new-feature
When your branch gets out of sync with the vmware/main branch, use the following to update:
git checkout my-new-feature
git fetch -a
git pull --rebase upstream main
git push --force-with-lease origin my-new-feature
If your PR fails to pass CI or needs changes based on code review, you'll most likely want to squash these changes into existing commits.
If your pull request contains a single commit or your changes are related to the most recent commit, you can simply amend the commit.
git add .
git commit --amend
git push --force-with-lease origin my-new-feature
If you need to squash changes into an earlier commit, you can use:
git add .
git commit --fixup <commit>
git rebase -i --autosquash main
git push --force-with-lease origin my-new-feature
Be sure to add a comment to the PR indicating your new changes are ready to review, as GitHub does not generate a notification when you git push.
We follow the conventions on How to Write a Git Commit Message.
Be sure to include any related GitHub issue references in the commit message. See GFM syntax for referencing issues and commits.
When opening a new issue, try to roughly follow the commit message format conventions above.